474d4951d8
* Switch to dompurify for sanitizing markdown content Switches us from using `insane` to instead use `dompurify`, which seems to be better maintained and also has some nice features, such as built-in trusted types support I've tried to port over our existing sanitizer settings as best as possible, but there's not always a 1:1 mapping between how insane works and how dompurify does. I'd like to get this change in early in the iteration to catch potential regressions * Remove logging and renaming param * Move dompurify to browser layer * Fixing tests and how we check valid attributes * Allow innerhtml in specific files * Use isEqualNode instead of checking innerHTML directly innerHTML can return different results on different browsers. Use `isEqualNode` instead * Reapply fix for trusted types * Enable ALLOW_UNKNOWN_PROTOCOLS I beleive this is required since we allow links to commands and loading images over remote * in -> of * Fix check of protocol * Enable two more safe tags
37 lines
1.4 KiB
JSON
37 lines
1.4 KiB
JSON
{
|
|
"ban-eval-calls": [
|
|
"vs/workbench/api/worker/extHostExtensionService.ts",
|
|
"vs/base/worker/workerMain"
|
|
],
|
|
"ban-function-calls": [
|
|
"vs/workbench/api/worker/extHostExtensionService.ts",
|
|
"vs/base/worker/workerMain",
|
|
"vs/workbench/contrib/notebook/browser/view/renderers/webviewPreloads.ts",
|
|
"vs/workbench/services/keybinding/test/electron-browser/keyboardMapperTestUtils.ts"
|
|
],
|
|
"ban-trustedtypes-createpolicy": [
|
|
"vs/base/browser/dom.ts",
|
|
"vs/base/browser/markdownRenderer.ts",
|
|
"vs/base/worker/defaultWorkerFactory.ts",
|
|
"vs/base/worker/workerMain.ts",
|
|
"vs/editor/browser/core/markdownRenderer.ts",
|
|
"vs/editor/browser/view/domLineBreaksComputer.ts",
|
|
"vs/editor/browser/view/viewLayer.ts",
|
|
"vs/editor/browser/widget/diffEditorWidget.ts",
|
|
"vs/editor/contrib/inlineCompletions/ghostTextWidget.ts",
|
|
"vs/editor/browser/widget/diffReview.ts",
|
|
"vs/editor/standalone/browser/colorizer.ts",
|
|
"vs/workbench/api/worker/extHostExtensionService.ts",
|
|
"vs/workbench/contrib/notebook/browser/view/renderers/cellRenderer.ts",
|
|
"vs/workbench/contrib/notebook/browser/view/renderers/webviewPreloads.ts",
|
|
"vs/workbench/services/extensions/browser/webWorkerExtensionHost.ts"
|
|
],
|
|
"ban-worker-calls": [
|
|
"vs/base/worker/defaultWorkerFactory.ts",
|
|
"vs/workbench/services/extensions/browser/webWorkerExtensionHost.ts"
|
|
],
|
|
"ban-domparser-parsefromstring": [
|
|
"vs/base/test/browser/markdownRenderer.test.ts"
|
|
]
|
|
}
|